<!--
  Copyright (C) Nginx, Inc.
  -->

<!DOCTYPE article SYSTEM "../../dtd/article.dtd">

<article name="nginx: Linux packages"
         link="/en/linux_packages.html"
         lang="en"
         rev="19"
         toc="no">

<section id="distributions">

<para>
Currently, nginx packages are available for the following distributions and
versions:
</para>

<para>
RHEL/CentOS:

<table note="yes">

<tr>
<td width="20%">Version</td>
<td>Supported Platforms</td>
</tr>

<tr>
<td width="20%">5.x</td>
<td>x86_64, i386</td>
</tr>

<tr>
<td width="20%">6.x</td>
<td>x86_64, i386</td>
</tr>

<tr>
<td width="20%">7.x</td>
<td>x86_64</td>
</tr>

</table>
</para>

<para>
Debian:

<table note="yes">

<tr>
<td width="20%">Version</td>
<td width="20%">Codename</td>
<td>Supported Platforms</td>
</tr>

<tr>
<td width="20%">7.x</td>
<td width="20%">wheezy</td>
<td>x86_64, i386</td>
</tr>

<tr>
<td width="20%">8.x</td>
<td width="20%">jessie</td>
<td>x86_64, i386</td>
</tr>

</table>
</para>

<para>
Ubuntu:

<table note="yes">

<tr>
<td width="20%">Version</td>
<td width="20%">Codename</td>
<td>Supported Platforms</td>
</tr>

<tr>
<td width="20%">12.04</td>
<td width="20%">precise</td>
<td>x86_64, i386</td>
</tr>

<tr>
<td width="20%">14.04</td>
<td width="20%">trusty</td>
<td>x86_64, i386, aarch64/arm64</td>
</tr>

<tr>
<td width="20%">15.10</td>
<td width="20%">wily</td>
<td>x86_64, i386</td>
</tr>

<tr>
<td width="20%">16.04</td>
<td width="20%">xenial</td>
<td>x86_64, i386</td>
</tr>

</table>
</para>

<para>
SLES:

<table note="yes">

<tr>
<td width="20%">Version</td>
<td>Supported Platforms</td>
</tr>

<tr>
<td width="20%">12</td>
<td>x86_64</td>
</tr>

</table>
</para>

<para>
To enable automatic updates of Linux packages
set up the yum repository for the RHEL/CentOS distributions,
the apt repository for the Debian/Ubuntu distributions,
or the zypper repository for SLES.
</para>

</section>


<section name="Pre-Built Packages for Stable version" id="stable">

<para>
To set up the yum repository for RHEL/CentOS, create the file named
<path>/etc/yum.repos.d/nginx.repo</path>
with the following contents:

<programlisting>
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/OS/OSRELEASE/$basearch/
gpgcheck=0
enabled=1
</programlisting>

Replace “<literal>OS</literal>” with “<literal>rhel</literal>” or
“<literal>centos</literal>”,
depending on the distribution used, and “<literal>OSRELEASE</literal>”
with “<literal>5</literal>”, “<literal>6</literal>”, or “<literal>7</literal>”,
for 5.x, 6.x, or 7.x versions, respectively.
</para>

<para>
For Debian/Ubuntu, in order to authenticate the nginx repository signature
and to eliminate warnings about missing PGP key during installation of the
nginx package, it is necessary to add the key used to sign the nginx
packages and repository to the <command>apt</command> program keyring.
Please download <link url="/keys/nginx_signing.key">this
key</link> from our web site, and add it to the <command>apt</command>
program keyring with the following command:
<programlisting>
sudo apt-key add nginx_signing.key
</programlisting>
</para>

<para>
For Debian replace <i>codename</i> with Debian distribution
<link id="distributions">codename</link>, and append the following to
the end of the <path>/etc/apt/sources.list</path> file:

<programlisting>
deb http://nginx.org/packages/debian/ <i>codename</i> nginx
deb-src http://nginx.org/packages/debian/ <i>codename</i> nginx
</programlisting>
</para>

<para>
For Ubuntu replace <i>codename</i> with Ubuntu distribution
<link id="distributions">codename</link>, and append the following to
the end of the <path>/etc/apt/sources.list</path> file:

<programlisting>
deb http://nginx.org/packages/ubuntu/ <i>codename</i> nginx
deb-src http://nginx.org/packages/ubuntu/ <i>codename</i> nginx
</programlisting>
</para>

<para>
For Debian/Ubuntu then run the following commands:
<programlisting>
apt-get update
apt-get install nginx
</programlisting>
</para>

<para>
For SLES run the following command:
<programlisting>
zypper addrepo -G -t yum -c 'http://nginx.org/packages/sles/12' nginx
</programlisting>
</para>

</section>


<section name="Pre-Built Packages for Mainline version" id="mainline">

<para>
To set up the yum repository for RHEL/CentOS, create the file named
<path>/etc/yum.repos.d/nginx.repo</path>
with the following contents:

<programlisting>
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/mainline/OS/OSRELEASE/$basearch/
gpgcheck=0
enabled=1
</programlisting>

Replace “<literal>OS</literal>” with “<literal>rhel</literal>” or
“<literal>centos</literal>”,
depending on the distribution used, and “<literal>OSRELEASE</literal>”
with “<literal>5</literal>”, “<literal>6</literal>”, or “<literal>7</literal>”,
for 5.x, 6.x, or 7.x versions, respectively.
</para>

<para>
For Debian/Ubuntu, in order to authenticate the nginx repository signature
and to eliminate warnings about missing PGP key during installation of the
nginx package, it is necessary to add the key used to sign the nginx
packages and repository to the <command>apt</command> program keyring.
Please download <link url="/keys/nginx_signing.key">this
key</link> from our web site, and add it to the <command>apt</command>
program keyring with the following command:
<programlisting>
sudo apt-key add nginx_signing.key
</programlisting>
</para>

<para>
For Debian replace <i>codename</i> with Debian distribution
<link id="distributions">codename</link>, and append the following to
the end of the <path>/etc/apt/sources.list</path> file:

<programlisting>
deb http://nginx.org/packages/mainline/debian/ <i>codename</i> nginx
deb-src http://nginx.org/packages/mainline/debian/ <i>codename</i> nginx
</programlisting>
</para>

<para>
For Ubuntu replace <i>codename</i> with Ubuntu distribution
<link id="distributions">codename</link>, and append the following to
the end of the <path>/etc/apt/sources.list</path> file:

<programlisting>
deb http://nginx.org/packages/mainline/ubuntu/ <i>codename</i> nginx
deb-src http://nginx.org/packages/mainline/ubuntu/ <i>codename</i> nginx
</programlisting>
</para>

<para>
For Debian/Ubuntu then run the following commands:
<programlisting>
apt-get update
apt-get install nginx
</programlisting>
</para>

<para>
For SLES run the following command:
<programlisting>
zypper addrepo -G -t yum -c 'http://nginx.org/packages/mainline/sles/12' nginx
</programlisting>
</para>

</section>


<section name="Configure Arguments" id="arguments">

<para>
Configure arguments common for nginx binaries from pre-built packages:
<programlisting>
--prefix=/etc/nginx
--sbin-path=/usr/sbin/nginx
--conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log
--pid-path=/var/run/nginx.pid
--lock-path=/var/run/nginx.lock
--http-client-body-temp-path=/var/cache/nginx/client_temp
--http-proxy-temp-path=/var/cache/nginx/proxy_temp
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp
--http-scgi-temp-path=/var/cache/nginx/scgi_temp
--user=nginx
--group=nginx
--with-http_ssl_module
--with-http_realip_module
--with-http_addition_module
--with-http_sub_module
--with-http_dav_module
--with-http_flv_module
--with-http_mp4_module
--with-http_gunzip_module
--with-http_gzip_static_module
--with-http_random_index_module
--with-http_secure_link_module
--with-http_stub_status_module
--with-http_auth_request_module
--with-threads
--with-stream
--with-stream_ssl_module
--with-http_slice_module
--with-mail
--with-mail_ssl_module
--with-file-aio
--with-http_v2_module
--with-ipv6
</programlisting>
</para>

<para>
Main nginx package is built with all modules that do not require additional
libraries to avoid extra dependencies.
</para>

</section>


<section name="Dynamic Modules" id="dynmodules">

<para>
Since version 1.9.11, nginx supports
<link doc="docs/ngx_core_module.xml" id="load_module">dynamic modules</link>.
Currently, the following modules are built as dynamic
and shipped as separate packages:
<programlisting>
nginx-module-geoip
nginx-module-image-filter
nginx-module-njs
nginx-module-perl
nginx-module-xslt
</programlisting>
</para>

</section>


<section name="Signatures" id="signatures">

<para>
Both RPM packages and Debian/Ubuntu repositories use digital signatures
to verify the integrity and origin of the downloaded package.
In order to check a signature it is necessary to download
<link url="/keys/nginx_signing.key">nginx signing key</link>
and import it to the <command>rpm</command> or <command>apt</command>
program’s keyring:

<list type="bullet">

<listitem>
On Debian/Ubuntu:
<programlisting>sudo apt-key add nginx_signing.key</programlisting>
</listitem>

<listitem>
On RHEL/CentOS:
<programlisting>sudo rpm --import nginx_signing.key</programlisting>
</listitem>

<listitem>
On SLES:
<programlisting>sudo rpm --import nginx_signing.key</programlisting>
</listitem>

</list>
</para>

<para>
On Debian/Ubuntu/SLES signatures are checked by default, but
on RHEL/CentOS it is necessary to set
<programlisting>gpgcheck=1</programlisting> in the
<path>/etc/yum.repos.d/nginx.repo</path> file.
</para>

<para>
Since our <link doc="../en/pgp_keys.xml">PGP keys</link>
and packages are located on the same server,
they are equally trusted.
It is highly advised to additionally verify
the authenticity of the downloaded PGP key.
PGP has the “Web of Trust” concept,
when a key is signed by someone else’s key,
that in turn is signed by another key and so on.
It often makes possible to build a chain from an arbitrary key
to someone’s key who you know and trust personally,
thus verify the authenticity of the first key in a chain.
This concept is described in details in
<link url="http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto-1.html">
GPG Mini Howto</link>.
Our keys have enough signatures,
and their authenticity is relatively easy to check.
</para>

</section>

</article>